Identity and Access Manager

Job Purpose and Summary

This position is responsible for managing the efforts of technical staff responsible for identity and access management of the Pennsylvania Turnpike Commission (PTC) including security role design and development, user access request management, user provisioning, workforce lifecycle events, user access reviews and application integration design for all PTC enterprise applications. Work is performed with considerable independence and reviewed for attainment of program goals and overall performance. Supervision is exercised over internal and external professional staff responsible for securing PTC systems and data.

Essential Functions & Responsibilities

Supervises lower-level staff involved in the IAM implementation and access request management. Provides technical supervision and guidance. Supervises internal/external staff functions including delegation of work assignments and review of work product, staff performance evaluation, goal settings, and mentoring.

Monitors key performance indicators (KPIs) for incident and request resolution in ServiceNow. Creates and maintains reports/metrics on KPIs. Monitors key performance indicators for incident and request resolution in ServiceNow. Assigns tickets to staff as needed.

Documents and maintains IAM program implementation road map, documents and organizes various security controls related to IAM, ensures that procedures are executed to insure adherence with compliance and industry best practices.

Manages the implementation of various phases of the IAM program road map (ServiceNow access request catalog, birthright, PAM etc). Leads/Supports activities to integrate applications into the IAM solution for centralized user access management.

Using a thorough understanding of the implementation of the IAM program using SailPoint of similar products, design, implement, and integrate applications into IAM solution for the centralized access provisioning.

Using a risk-based approach, advocates for and helps prioritize remediation of security findings and develop/report metrics measuring the state of the IAM program.

Coordinates the maintenance of the PTC’s IAM solution including patching, upgrades, daily production health checks, monthly production health checks, production defect fixes, build management, etc.

Approves the security design for new and existing applications to ensure that they adhere to the principals of least privilege and segregation of duties.

Manages the daily operations of user account technical onboarding and offboarding processes, SAP security in all environments, and the SAP GRC platform. Ensures that compliance requirements are fully met.

Coordinates with the cyber security team to ensure solution assurance and compliance to security policy, procedures, standards, and baseline security configurations.

Reviews and approves requests for proposals (RFPs) for security related services/systems. Evaluates proposals and makes recommendations. Oversees and monitors contract performance. Ensures specifications and statements of work (SOWs) are met to ensure the efficient and cost-effective delivery of services.

Maintains superior technical knowledge of the PTC’s IAM environment including an in-depth understanding of future directions and technologies related to the unit.

Participates in meetings, committees and/or project teams to provide guidance, subject matter expertise and recommendations. Researches and maintains a thorough understanding of the latest security standards, systems, products, practices, and protocols.

Works with internal departments to implement consistent procedures. Cultivates a culture of security awareness and ensures security policies are adhered to.

Uses situational awareness to anticipate and prevent accidents.

Performs related duties as assigned.

Qualifications

Bachelor’s degree in computer science, information systems or electronic business administration. Equivalent combination of education and/or experience may be accepted.

Possession of CIAM (Certified Identity and Access Manager), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), credentials are preferred. Possession of a valid driver’s license. Must obtain and maintain a valid Pennsylvania driver’s license within six (6) months of employment.

Seven (7) years of experience in information security engineering/architecture and cyber security incident response. Equivalent combination of education and/or experience may be accepted. Four (4) of the years of experience must be in a supervisory capacity.

Competencies

Physical Demands and Work Environment

Position requires frequent work at a computer utilizing business programs and PTC specific operating systems. Position requires some heavy lifting and physical labor. Position requires some travel and/or fieldwork with exposure to roadway traffic. Occasionally works outside of normal business hours for assigned work assignments.

Office environment with low levels of noise, adequate lighting, and comfortable temperature. Field environment may include exposure to moderately adverse and undesirable conditions. Physical environment is generally safe, but safety equipment or precautions must be followed in field conditions.

Disclaimer

The information provided in this job description has been designed to indicate the general nature and level of work performed by the incumbent(s) within this job. It is not designed to be interpreted as a comprehensive inventory of all duties, responsibilities, qualifications and working conditions required of the employee(s) assigned to this job. Management has the discretion to add or modify duties of the job and to designate other functions as essential at any time.